package com.magic.shop.interceptor;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author zhangbo
 * @create 2024/10/16
 * 后台用户的拦截器--暂时没用到
 */
@Configuration
public class SysUserInterceptor implements HandlerInterceptor {

    @Override
    public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
            throws Exception {

    }

    @Override
    public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
            throws Exception {

    }

    /**
     * 允许跨域
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        //response跨域设置
        response.setHeader("Access-Control-Allow-Origin",request.getHeader("origin"));//http://localhost:18080
        // https://blog.csdn.net/dulo2005/article/details/139566949
        // 出现该问题是跨域问题，当allowCredentials为true时，allowingOrigins不能包含特殊值“ *”，因为无法在“ Access-Control-Allow-Origin”响应标头上设置
        //当配置了 withCredentials = true时，必须在后端增加 response 头信息Access-Control-Allow-Origin，且必须指定域名，而不能指定为*
        //如果后端需要带cookie过去，前端需要设置为true
        //axios.defaults.withCredentials
        //response.setHeader("Access-Control-Allow-Origin","*");
        response.setHeader("Access-Control-Allow-Methods","POST");
        response.setHeader("Access-Control-Allow-Headers","Access-Control");
        response.setHeader("Allow","POST");
        return true;
    }
}
